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DETAILED ACTION 

1 . This is a Final Office Action in response to the applicant's communication filed on July 
14, 2008. 

2. Claims 1-3, 5-8, 10-14, 16-19 and 21-31 have been examined and are pending. 

Claim Objections 

3. Claims 14 and 19 are objected to because of the following informalities: 

Claim 14: line 3; and claim 19: line 3 recite "reset/boot". The notation "/" is ambiguous 
to define the scope of the claims and the examiner suggests replacing 
"reset/boot" with "reset or reboot". 

Appropriate correction is required. 

Response to Arguments 

4. Applicant's arguments filed on July 14, 2008 have been fully considered but they are not 
persuasive. 

In response to applicant's arguments against the references individually, one cannot show 
nonobviousness by attacking references individually where the rejections are based on 
combinations of references. See In re Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981); In re 
Merck & Co., 800 F.2d 1091, 231 USPQ 375 (Fed. Cir. 1986). 
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The applicant argues that 'Accordingly, Applicants do not believe that Ylonen adds any 
teaching which describes configuring the processing device responsive to configuration 
parameters stored in a certificate to set: the speed of a hardware component of the processing 
device, access to one or more normally hidden memory locations or the enablement or 
disablement of a hardware component. 

The examiner disagrees with the applicant's argument and analysis for the following 
reasons. First accessing and authenticating a certificate bound to the processing device is 
disclosed by Geiger in "(column 3: lines 14-21; column 4: lines 23-35, lines 59-67; figure 2: 
100-102; column 11: lines 46-54; column 16: lines 10-43; lines 59-67; figure 2: 100-102), not by 
Ylonen. Second, the applicant has amended "access to one or more normally hidden memory 
location" by replacing "normally hidden" and therefore, the claims do not read as the applicant 
argued by stating "normally hidden". Third, during examination the claims are given their 
broadest reasonable interpretation in light of the specification without bringing limitations from 
the specification into the claims. Accordingly, unlike the applicant's argument, as the claims 
currently read, " configuring the processing device hardware responsive to the configuration 
parameters to set one or more of: a speed of a hardware component of the processing device, 
access to one or more otherwise memory location, or enablement or disablement of a hardware 
component", and "the configuration parameters to set one or more of:" is interpreted as 
alternative to mean any one of the element in list. Therefore, Ylonen is disclosing one of these 
listed features particularly enablement or disablement of a hardware component recited as 
follows: 
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(Ylone : Preferably, a hardware token such as a smart card removable attachable to the 
network device using the hardware token reader of the network device contains at least the 
following information: a private key for the network device for authentication purposes, a 
certificate or a public key corresponding to the private key, certificate of a management 
system allowed to control the network device in order to allow the network device to 
authenticate any messages from the management system. "As recited above, a hardware 
token containing a certificate management allowed controlling network device in order to allow 
the network device to authenticate any message from the management system in essence 
enabling or disabling the hardware component. 

Therefore, for at least the above reasons, the applicant's arguments are not persuasive to 
overcome the prior arts in record to place the independent claims 1,6, 12 and 17 in condition for 
allowance. Dependent claims 2-3, 5, 7-8, 10, 11, 13-14, 16, 18-19, 2-22 and 28 depending 
directly or indirectly from their corresponding independent claims are also not placed in 
condition for allowance based on their dependency. 

Claim Rejections - 35 USC § 103 

5. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as 
set forth in section 102 of this title, if the differences between the subject matter sought to be 
patented and the prior art are such that the subject matter as a whole would have been obvious at 
the time the invention was made to a person having ordinary skill in the art to which said subject 
matter pertains. Patentability shall not be negatived by the manner in which the invention was 
made. 
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6. Claims 1-3, 5-8, 10-14, 16-22 and 28 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Geiger et al. (hereinafter referred to as Geiger, US Pat No.: 6, 463, 534) in 
view of Drews (US Pat. No.: 6,647,494) and in further view of Ylonen et al. (hereinafter referred 
to as Ylonen, US Pat. No.: 7,302,487). 

As per claim 1 : 

Geiger discloses a method of configuring a processing device, comprising the steps of: 

accessing a certificate bound to the processing device (column 3: lines 14-21; column 4: 
lines 23-35, lines 59-67; figure 2: 100-102); and 

authenticating the certificate (column 11: lines 46-54; column 16: lines 10-43; lines 59- 
67; figure 2: 100-102). 

Geiger does not explicitly disclose reading configuration parameters from the certificate, 
if properly authenticated; configuring the processing device hardware responsive to the 
configuration parameters. Drew in analogous art, however, disclose reading configuration 
parameters from the certificate, if properly authenticated; configuring the processing device 
hardware responsive to the configuration parameters (Abstract; column 2: lines 60-67; column 3: 
lines 1-6; The configurable parameters set 45 includes an authorization certificate 42. The 
authorization certificate provides security information that client platform 30 uses to perform 
integrity checks and authenticate the sources of request messages or work orders that client 
platform 30 receives). Therefore, it would have been obvious to a person having ordinary skill in 
the art at the time the invention was made to modify the system disclosed by Geiger to include 
reading configuration parameters from the certificate, if properly authenticated; configuring the 
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processing device hardware responsive to the configuration parameters. This modification would 
have been obvious because a person having ordinary skill in the art would have been motivated 
to do so to provide a system and method for checking authorization of remote configuration 
operations including generating a request credential manifest to request an update of 
configurable parameters on a client platform as suggested by Drew in (column 1 : lines 35-45). 

Geiger and Drew do not explicitly disclose set one or more of the speed of a hardware component 
of the processing device, access to one or more normally hidden memory locations or the enablement or 
disablement of a hardware component. Yloncn, in analogous art, however, disclose set one or more of the 
speed of a hardware component of the processing device, access to one or more normally hidden memory locations 
or the enablement or disablement of a hardware component (Column 17: lines 25-40; Figure 4B; 440; 
Figure 5: 558; ). Therefore, it would have been obvious to a person having ordinary skill in the 
art at the time the invention was made to modify the system disclosed by Geiger and Drew to 
include set one or more of the speed of a hardware component of the processing device, access to one or more 
normally hidden memory locations or the enablement or disablement of a hardware component. This 
modification would have been obvious because a person having ordinary skill in the art would 
have been motivated to do so to provide realize a system for providing security services in a data 
communications network, which is easy to install and maintain as suggested Ylonen (column 4: 
lines 25-25). 

As per claim 6: 

Geiger discloses a processing device comprising: 
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processing circuitry (figure 1 : 11); 

a memory coupled to the processing circuitry (figure 4: 452); 
wherein the processing circuitry: 

accesses a certificate bound to the processing device and stored in the memory (column 
3: lines 14-21; column 4: lines 23-35, lines 59-67; lines 59-67; figure 2: 100-102); 
and 

authenticates the certificate (column 11: lines 46-54; column 16: lines 10-43; lines 59-67; 
figure 2: 100-102). 

Gcigcr docs not explicitly disclose reading configuration parameters from the certificate, 
if properly authenticated; configuring the processing device hardware responsive to the 
configuration parameters. Drews in analogous art, however, disclose reading configuration 
parameters from the certificate, if properly authenticated; configuring the processing device 
hardware responsive to the configuration parameters (Abstract; column 2: lines 60-67; column 3: 
lines 1-6; The configurable parameters set 45 includes an authorization certificate 42. The 
authorization certificate provides security information that client platform 30 uses to perform 
integrity checks and authenticate the sources of request messages or work orders that client 
platform 30 receives). Therefore, it would have been obvious to a person having ordinary skill in 
the art at the time the invention was made to modify the system disclosed by Geiger to include 
reading configuration parameters from the certificate, if properly authenticated; configuring the 
processing device hardware responsive to the configuration parameters. This modification would 
have been obvious because a person having ordinary skill in the art would have been motivated 
to do so to provide a system and method for checking authorization of remote configuration 
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operations including generating a request credential manifest to request an update of 
configurable parameters on a client platform as suggested by Drews in (column 1 : lines 35-45). 

Geiger and Drew do not explicitly disclose set one or more of the speed of a hardware component 
of the processing device, access to one or more normally hidden memory locations or the enablement or 
disablement of a hardware component. Ylonen, in analogous art, however, disclose set one or more of the 
speed of a hardware component of the processing device, access to one or more normally hidden memory locations 
or the enablement or disablement of a hardware component (Column 17: lines 25-40; Figure 4B; 440; 
Figure 5: 558; ). Therefore, it would have been obvious to a person having ordinary skill in the 
art at the time the invention was made to modify the system disclosed by Geiger and Drew to 
include set one or more of the speed of a hardware component of the processing device, access to one or more 
normally hidden memory locations or the enablement or disablement of a hardware component. This 
modification would have been obvious because a person having ordinary skill in the art would 
have been motivated to do so to provide realize a system for providing security services in a data 
communications network, which is easy to install and maintain as suggested Ylonen (column 4: 
lines 25-25). 

As per claim 12: 

Geiger discloses a method of configuring a processing device, comprising the steps of: 
accessing a certificate bound to the processing device (column 3: lines 14-21; column 4: 
lines 23-35, lines 59-67; lines 59-67; figure 2: 100-102); and 
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authenticating the certificate (column 11: lines 46-54; column 16: lines 10-43; lines 59- 
67; figure 2: 100-102). 

Geiger does not explicitly disclose reading configuration parameters from the certificate, 
if properly authenticated; configuring the processing device hardware responsive to the 
configuration parameters. Drews in analogous art, however, disclose reading configuration 
parameters from the certificate, if properly authenticated; configuring the processing device 
hardware responsive to the configuration parameters (Abstract; disclosed by Drews in column 2: 
lines 40-55; column 2: lines 60-67; column 3: lines 1-6; The configurable parameters set 45 
includes an authorization certificate 42. The authorization certificate provides security 
information that client platform 30 uses to perform integrity checks and authenticate the sources 
of request messages or work orders that client platform 30 receives). Therefore, it would have 
been obvious to a person having ordinary skill in the art at the time the invention was made to 
modify the system disclosed by Geiger to include reading configuration parameters from the 
certificate, if properly authenticated; configuring the processing device hardware responsive to 
the configuration parameters. This modification would have been obvious because a person 
having ordinary skill in the art would have been motivated to do so to provide a system and 
method for checking authorization of remote configuration operations including generating a 
request credential manifest to request an update of configurable parameters on a client platform 
as suggested by Drews in (column 1 : lines 35-45). 

Geiger and Drew do not explicitly disclose set one or more of the speed of a hardware component 
of the processing device, access to one or more normally hidden memory locations or the enablement or 
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disablement of a hardware component. Ylonen, in analogous art, however, disclose set one or more of the 
speed of a hardware component of the processing device, access to one or more normally hidden memory locations 
or the enablement or disablement of a hardware component (Column 17: lines 25-40; Figure 4B; 440; 
Figure 5: 558; ). Therefore, it would have been obvious to a person having ordinary skill in the 
art at the time the invention was made to modify the system disclosed by Geiger and Drew to 
include set one or more of the speed of a hardware component of the processing device, access to one or more 
normally hidden memory locations or the enablement or disablement of a hardware component. This 
modification would have been obvious because a person having ordinary skill in the art would 
have been motivated to do so to provide realize a system for providing security services in a data 
communications network, which is easy to install and maintain as suggested Ylonen (column 4: 
lines 25-25). 



As per claim 17: 

Geiger discloses a processing device comprising: 
processing circuitry (figure 1 : 11); 

a memory coupled to the processing circuitry (figure 4: 452); 
wherein the processing circuitry: 

accesses a certificate bound to the processing device and stored in the memory (column 
3: lines 14-21; column 4: lines 23-35, lines 59-67; lines 59-67; figure 2: 100-102); 
and 

authenticates the certificate (column 11: lines 46-54; column 16: lines 10-43; lines 59-67; 
figure 2: 100-102). 
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Geiger does not explicitly disclose reading configuration parameters from the certificate, 
if properly authenticated; configuring the processing device hardware responsive to the 
configuration parameters. Drews in analogous art, however, disclose reading configuration 
parameters from the certificate, if properly authenticated; configuring the processing device 
hardware responsive to the configuration parameters (Abstract; disclosed by Drews in column 2: 
lines 40-55; column 2: lines 60-67; column 3: lines 1-6; The configurable parameters set 45 
includes an authorization certificate 42. The authorization certificate provides security 
information that client platform 30 uses to perform integrity checks and authenticate the sources 
of request messages or work orders that client platform 30 receives). Therefore, it would have 
been obvious to a person having ordinary skill in the art at the time the invention was made to 
modify the system disclosed by Geiger to include reading configuration parameters from the 
certificate, if properly authenticated; configuring the processing device hardware responsive to 
the configuration parameters. This modification would have been obvious because a person 
having ordinary skill in the art would have been motivated to do so to provide a system and 
method for checking authorization of remote configuration operations including generating a 
request credential manifest to request an update of configurable parameters on a client platform 
as suggested by Drews in (column 1 : lines 35-45). 

Geiger and Drew do not explicitly disclose set one or more of the speed of a hardware component 
of the processing device, access to one or more normally hidden memory locations or the enablement or 
disablement of a hardware component. Ylonen, in analogous art, however, disclose set one or more of the 
speed of a hardware component of the processing device, access to one or more normally hidden memory locations 
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or the enablement or disablement of a hardware component (Column 17: lines 25-40; Figure 4B; 440; 
Figure 5: 558). Therefore, it would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to modify the system disclosed by Geiger and Drew to 
include set one or more of the speed of a hardware component of the processing device, access to one or more 
normally hidden memory locations or the enablement or disablement of a hardware component. This 
modification would have been obvious because a person having ordinary skill in the art would 
have been motivated to do so to provide realize a system for providing security services in a data 
communications network, which is easy to install and maintain as suggested Ylonen (column 4: 
lines 25-25). 

As per claims 2, 7 and 13: 

Geiger discloses a method, wherein the steps of accessing the certificate, authenticating 
the certificate, and reading configuration parameters from the certificate are performed whenever 
the processing device is initially powered (figure 2: 130; column 6: lines 5-45). 

As per claims 3, 8, 14 and 19: 

Drews discloses a method and a processing device, wherein the steps of accessing the 
certificate, authenticating the certificate, and reading configuration parameters from the 
certificate are repeated upon a system reset/boot (figure 2: 130; column 6: lines 5-45; column 
11: lines 26-30). 



As per claims 5, 10 and 16: 
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Geiger discloses a method, wherein the configuring step includes the step of configuring 
software in the processing device responsive to the configuration parameters (column 10: lines 7- 
30). 

As per claim 1 1 : 

Geiger discloses a processing device, wherein the certificate can be created and modified 
only by the manufacturer of the processing device (column 17: lines 36-48). 

As per claim 18: 

Geiger discloses a processing device, wherein the processing circuitry accesses the 
certificate, authenticates the certificate, and reads configuration parameters whenever the 
processing device is initially powered (figure 2: 130; column 6: lines 5-45). 

As per claim 19: 

Geiger discloses a processing device, wherein the processing circuitry accesses the 
certificate, authenticates the certificate, and reads configuration parameters upon a system 
reset/boot (figure 2: 130; column 6: lines 5-45; column 11: lines 26-30). 

As per claim 21: 

Geiger discloses a processing device, wherein the processing circuitry configures 
software in the processing device responsive to the configuration parameters (column 4: lines 23- 
35; column 10: lines 7-30). 
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As per claim 22: 

Geiger discloses a processing device, wherein the certificate can be created and modified 
only by the manufacturer of the processing device (column 17: lines 36-48). 

As per claim 28: 

Ylonen discloses a method, wherein the step of configuring the hardware of the 
processing device includes the step of selectively enabling or disabling operation of one or more 
hardware features components (Column 17: lines 25-40; Figure 4B; 440; Figure 5: 558). 

Allowable Subject Matter 

7. Claims 23-27 and 29-3 1 are objected to as being dependent upon a rejected base claim, 
but would be allowable if rewritten in independent form including all of the limitations of the 
base claim and any intervening claims as presented . 

The following is a statement of reasons for the indication of allowable subject matter: 
Claims 23-27 and 29-31 include the following features which are not taught or further suggested 
and would not have been obvious over prior arts of record and these features are: 

Reading configuration parameters from and stored in an authenticated certificate ; 
using the parameters; configuring performance characteristics of the hardware in the processing 
device which includes: 

configuring a processor speed of the hardware , 

configuring a memory speed for the device ; 
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configuring a bus speed for the device ; 

restoring performance characteristics to a predetermined setting ; 

periodic comparison of current performance with performance in the configuration 

parameter and restoring the performance characteristics ; and 
Selectively enabling or disabling networking, audio, or video hardware. 

Conclusion 

8. The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. See the notice of reference cited in form PTO-892 for additional prior art. 

9. Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 
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Contact Information 

10. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Techane J. Gergiso whose telephone number is (571) 272-3784 
and fax number is (571) 273-3784. The examiner can normally be reached on 9:00am - 6:00pm. 
If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, 
Emmanuel Moise can be reached on (571) 272-3865. The fax phone number for the organization 
where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 

IT. J. G.I 

Examiner, Art Unit 2437 



/Emmanuel L. Moise/ 

Supervisory Patent Examiner, Art Unit 2437 



